



# UNITED STATES PATENT AND TRADEMARK OFFICE

UNITED STATES DEPARTMENT OF COMMERCE  
United States Patent and Trademark Office  
Address: COMMISSIONER FOR PATENTS  
P.O. Box 1450  
Alexandria, Virginia 22313-1450  
[www.uspto.gov](http://www.uspto.gov)

| APPLICATION NO.                                                           | FILING DATE | FIRST NAMED INVENTOR | ATTORNEY DOCKET NO.  | CONFIRMATION NO. |
|---------------------------------------------------------------------------|-------------|----------------------|----------------------|------------------|
| 09/855,898                                                                | 05/15/2001  | Leonard Scott Veil   | A33941 - 067668.0137 | 1161             |
| 21003                                                                     | 7590        | 07/17/2006           | EXAMINER             |                  |
| BAKER & BOTTS<br>30 ROCKEFELLER PLAZA<br>44TH FLOOR<br>NEW YORK, NY 10112 |             |                      |                      | FOWLKES, ANDRE R |
|                                                                           |             | ART UNIT             |                      | PAPER NUMBER     |
|                                                                           |             | 2192                 |                      |                  |

DATE MAILED: 07/17/2006

Please find below and/or attached an Office communication concerning this application or proceeding.

|                              |                        |                          |  |
|------------------------------|------------------------|--------------------------|--|
| <b>Office Action Summary</b> | <b>Application No.</b> | <b>Applicant(s)</b>      |  |
|                              | 09/855,898             | VEIL ET AL.<br><i>WL</i> |  |
|                              | <b>Examiner</b>        | <b>Art Unit</b>          |  |
|                              | Andre R. Fowlkes       | 2192                     |  |

-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address --

#### Period for Reply

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION.

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed after SIX (6) MONTHS from the mailing date of this communication.
- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication.
- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any earned patent term adjustment. See 37 CFR 1.704(b).

#### Status

- 1) Responsive to communication(s) filed on 21 April 2006.  
 2a) This action is FINAL.                    2b) This action is non-final.  
 3) Since this application is in condition for allowance except for formal matters, prosecution as to the merits is closed in accordance with the practice under *Ex parte Quayle*, 1935 C.D. 11, 453 O.G. 213.

#### Disposition of Claims

- 4) Claim(s) 1-4 and 6-43 is/are pending in the application.  
 4a) Of the above claim(s) \_\_\_\_\_ is/are withdrawn from consideration.  
 5) Claim(s) \_\_\_\_\_ is/are allowed.  
 6) Claim(s) 1-4 and 6-43 is/are rejected.  
 7) Claim(s) \_\_\_\_\_ is/are objected to.  
 8) Claim(s) \_\_\_\_\_ are subject to restriction and/or election requirement.

#### Application Papers

- 9) The specification is objected to by the Examiner.  
 10) The drawing(s) filed on \_\_\_\_\_ is/are: a) accepted or b) objected to by the Examiner.  
     Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).  
     Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d).  
 11) The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152.

#### Priority under 35 U.S.C. § 119

- 12) Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).  
 a) All    b) Some \* c) None of:  
 1. Certified copies of the priority documents have been received.  
 2. Certified copies of the priority documents have been received in Application No. \_\_\_\_\_.  
 3. Copies of the certified copies of the priority documents have been received in this National Stage application from the International Bureau (PCT Rule 17.2(a)).

\* See the attached detailed Office action for a list of the certified copies not received.

#### Attachment(s)

- 1) Notice of References Cited (PTO-892)  
 2) Notice of Draftsperson's Patent Drawing Review (PTO-948)  
 3) Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08)  
     Paper No(s)/Mail Date \_\_\_\_\_.  
 4) Interview Summary (PTO-413)  
     Paper No(s)/Mail Date. \_\_\_\_\_.  
 5) Notice of Informal Patent Application (PTO-152)  
 6) Other: \_\_\_\_\_.

## **DETAILED ACTION**

1. This action is in response to the amendment filed 4/21/06.
  
2. Claims 1-4 & 6-43 are pending.

### ***Claim Rejections - 35 USC § 102***

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:

A person shall be entitled to a patent unless –

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on sale in this country, more than one year prior to the date of application for patent in the United States.

4. Claims 1-4 and 7-8 are rejected under 35 U.S.C. 102(b) as being anticipated by Hartel, et al., (Hartel), "The operational semantics of a Java Secure Processor", 1/16/1998 (art made of record).

As per claim 1, Hartel discloses a **method for securely installing an applet on a computer system having a data storage and a secure processor** (p. 1:20-21, "software (i.e. applets) that has to be (installed and) run on a smart card processor (i.e. a secure processor)", and p. 4:35-36, "The JSP (i.e. secure processor) uses a number of areas of storage for data, code and bookkeeping"), **comprising:**

- **receiving an applet in the data storage** (p. 4:35-36, "The JSP (i.e. secure processor) uses a number of areas of storage for data, code and bookkeeping"),

**- determining from at least a portion of the applet whether the applet is capable of being executed by the secure processor** (p. 2:27-28, "(the applet is digitally signed so that tampering can be detected when code is being loaded (i.e. if it is determined from the signature that the applet has been tampered with, the applet is deemed incapable of being executed by the secure processor)"),

**- wherein the portion of the applet includes at least one of a security meta-data portion, a resource meta-data portion, and a meta-data signature portion** (p. 2:27-28, "(the applet is) digitally signed (i.e. a meta-data signature portion) so that tampering can be detected when code is being loaded"),

**- installing the applet on the secure processor if the secure processor is capable of executing the applet** (p. 2:27-28, "(the applet is) digitally signed so that tampering can be detected when code is being loaded (i.e. if it is determined from the signature that the applet has been tampered with, the applet is deemed incapable of being executed by the secure processor; otherwise, the applet is installed on the secure processor)").

As per claim 2, the rejection of claim 1 is incorporated and further, Hartel discloses that **the applet is stored in a non-secure storage** (p. 4:35-36, "The JSP (i.e. secure processor) uses a number of areas of storage for data (i.e. secure and non-secure storage), code and bookkeeping").

As per claim 3, the rejection of claim 2 is incorporated and further, Hartel discloses that **the applet further comprises a meta-data portion and an executable portion** (p. 2:27-28, "(the applet is) digitally signed (i.e. a meta-data portion) so that tampering can be detected when code is being loaded", and an applet contains an executable portion).

As per claim 4, the rejection of claim 3 is incorporated and further, Hartel discloses that **the applet further comprises a certificate portion** (p. 2:27-28, "(the applet is) digitally signed (i.e. a certificate) so that tampering can be detected when code is being loaded").

As per claim 7, the rejection of claim 5 is incorporated and further, Hartel discloses that **the step of determining whether the applet is capable of being executed by the secure processor further comprises loading the meta-data portion of the applet into a secure storage area in the secure processor** (p. 4:35-36, "The JSP (i.e. secure processor) uses a number of areas of storage (i.e. secure and non-secure) for data, code and bookkeeping").

As per claim 8, the rejection of claim 7 is incorporated and further, Hartel discloses that **the step of determining whether the applet is capable of being executed by the secure processor further comprises cryptographically verifying the security meta-data portion and the resource meta-data portion of the meta-**

**data portion of the applet against the signature portion of the meta-data portion of the applet** (p. 2:21-22 "provide facilities such as ownership control and cryptographically protected modes of use").

***Claim Rejections - 35 USC § 103***

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negated by the manner in which the invention was made.

6. Claims 9-11, 13-21 and 33-36 are rejected under 35 U.S.C. 103(a) as being obvious over Hartel, et al., (Hartel), "The operational semantics of a Java Secure Processor", 1/16/1998, in view of Shear et al, (Shear), U.S. Patent No. 6,157,721.

As per claim 9, the rejection of claim 7 is incorporated and further, Hartel doesn't explicitly disclose that **the step of determining whether the applet is capable of being executed by the secure processor further comprises verifying that a secure processor security requirement of the security meta-data portion of the applet is met or exceeded by a secure processor security rating of the secure processor.**

However, Shear, in an analogous environment, discloses that **the step of determining whether the applet is capable of being executed by the secure processor further comprises verifying that a secure processor security**

**requirement of the security meta-data portion of the applet is met or exceeded by a secure processor security rating of the secure processor (col. 22:27-40, "preventing protected processing environments (i.e. secure processor) having different security level classifications (i.e. secure processor security rating) from executing the same load module (i.e. applet)".)**

Therefore, it would have been obvious to a person of ordinary skill in the art, at the time the invention was made, to incorporate the teachings of Shear into the system of Hartel to have the step of determining whether the applet is capable of being executed by the secure processor further comprise verifying that a secure processor security requirement of the security meta-data portion of the applet is met or exceeded by a secure processor security rating of the secure processor.

The modification would have been obvious because one of ordinary skill in the art would have wanted to load the appropriate applet for the specified computer system, based on all of the requirements of the applet program, so that the applet/system combination will execute properly.

As per claim 10, the rejection of claim 9 is incorporated and further, Hartel doesn't explicitly disclose that the step of determining whether the applet is capable of being executed by the secure processor further comprises:

**- determining that the secure processor security requirement of the security meta-data portion of the applet is not met or exceeded by a secure processor security rating of the secure processor.**

**- suggesting the use of a second applet that may have a second secure processor security requirement that is met or exceeded by the secure processor security rating of the secure processor .**

However, Shear, in an analogous environment, discloses that the step of determining whether the applet is capable of being executed by the secure processor further comprises:

**- determining that the secure processor security requirement of the security meta-data portion of the applet is not met or exceeded by a secure processor security rating of the secure processor (col. 22:27-40, "preventing protected processing environments (i.e. secure processor) having different security level classifications (i.e. secure processor security rating) from executing the same load module (i.e. applet)" ),**

**- suggesting the use of a second applet that may have a second secure processor security requirement that is met or exceeded by the secure processor security rating of the secure processor (col. 22:27-40, "preventing protected processing environments (i.e. secure processor) having different security level classifications (i.e. secure processor security rating) from executing the same load module (i.e. applet)" ).**

Therefore, it would have been obvious to a person of ordinary skill in the art, at the time the invention was made, to incorporate the teachings of Shear into the system of Hartel to have the step of determining whether the applet is capable of being executed by the secure processor further comprises:

- determining that the secure processor security requirement of the security meta-data portion of the applet is not met or exceeded by a secure processor security rating of the secure,
- suggesting the use of a second applet that may have a second secure processor security requirement that is met or exceeded by the secure processor security rating of the secure processor.

The modification would have been obvious because one of ordinary skill in the art would have wanted to load the appropriate applet for the specified computer system, based on all of the requirements of the applet program, so that the applet/system combination will execute properly.

As per claims 11 & 13, the Hartel/Shear system also discloses such claimed limitations as addressed in claim 9 & 10, above.

As per claim 14, the rejection of claim 3 is incorporated and further, Hartel discloses: **an encrypted executable and an unencrypted signature** (p. 2:21-22 “provide facilities such as ownership control and cryptographically protected modes of use”).

As per claim 15, the rejection of claim 14 is incorporated and further, Hartel discloses that **the step of installing the applet on the secure processor further comprises storing the executable portion of the applet in the secure storage area**

(p. 4:35-36, "The JSP (i.e. secure processor) uses a number of areas of storage (i.e. secure and unsecured) for data, code and bookkeeping").

As per claim 16, the rejection of claim 15 is incorporated and further, Hartel discloses that the step of installing the applet on the secure processor further comprises **requesting a decryption key for the encrypted executable portion of the applet; receiving the decryption key; and decrypting the encrypted executable portion into an unencrypted executable portion using the decryption key** (p. 2:21-22 "provide facilities such as ownership control and cryptographically protected modes of use").

As per claim 17, the rejection of claim 16 is incorporated and further, Hartel discloses that **the step of installing the applet on the secure processor further comprises verifying the unencrypted executable portion against the unencrypted executable signature** (p. 2:21-22 "provide facilities such as ownership control and cryptographically protected modes of use").

As per claim 18, the rejection of claim 16 is incorporated and further, Hartel discloses that **the step of installing the applet on the secure processor further comprises verifying the executable portion prepended with an applet serial number, against the unencrypted executable signature** (p. 2:21-22 "provide facilities such as ownership control and cryptographically protected modes of use", and p. 5:17-

18, "gathers the bytecode and the method headers (containing the applet serial number) for the methods of all application programs (i.e. applets) in the system").

As per claim 19, the rejection of claim 17 is incorporated and further, Hartel discloses that the step of installing the applet on the secure processor further comprises **binding the unencrypted executable portion to the secure processor** (p. 2:21-22 "provide facilities such as ownership control and cryptographically protected modes of use").

As per claim 20, the rejection of claim 17 is incorporated and further, Hartel discloses that the step of installing the applet on the secure processor further comprises:

- **encrypting the unencrypted executable portion to an encrypted executable** (p. 2:21-22 "provide facilities such as ownership control and cryptographically protected modes of use"),
- **storing the encrypted executable in the non-secure storage** (p. 4:3, "an (non-secure) area of memory"),
- **storing the encrypted executable's decryption key in the secure storage area** (p. 2:21-22 "provide facilities such as ownership control and cryptographically protected modes of use").

As per claim 21, the rejection of claim 1 is incorporated and further, Hartel discloses that **the computer system further comprises a non-secure processor** (p. 2:3, "a JVM").

As per claims 33-36, this is a system version of the claimed method discussed above, in claims 3-4, wherein all claimed limitations have also been addressed and/or cited as set forth above. For example, see the Hartel/Shear system, e.g. Hartel p. 1:20-6:40 and Shear col. 5:1-5 and 22:27-40.

7. Claims 6, 12, 22-32 and 37-43 are rejected under 35 U.S.C. 103(a) as being unpatentable over Hartel, et al., (Hartel), "The operational semantics of a Java Secure Processor", 1/16/1998, in view of Shear et al, (Shear), U.S. Patent No. 6,157,721, further in view of Moore et al. (Moore), U.S. Patent No. 5,696,975.

As per claim 6, the rejection of claim 5 is incorporated and further, the Hartel/Shear system doesn't explicitly disclose that the resource meta-data portion is adapted to designate resources **comprising at least one of: a biometric sensor; a secure output; a keyboard; a personal identification number entry device; a global positioning system input; a magnetic stripe card reader; a secure storage area; a performance metrics, an algorithm implementing specific cryptographic algorithms; and at least one smart card slot.**

However, Moore, in an analogous environment, discloses that the resource meta-data portion is adapted to designate resources **comprising at least one of: a biometric sensor; a secure output** (p. 3 col. L:30-31, "Secure Sockets Layer (SSL) technology"); **a keyboard; a personal identification number entry device; a global positioning system input; a magnetic stripe card reader; a secure storage area; a performance metrics, an algorithm implementing specific cryptographic algorithms; and at least one smart card slot** (col. 1:29-45, "The steps in launching an application, i.e., installation, configuration, and execution ... requiring the computer system to be configured or reconfigured with the specific requirements of the application in mind. For example, some applications require the use of an expanded memory manager while others will operate only if no expanded memory is allocated (i.e. memory and performance metrics)", and col. 8:5-20, "The initialization file is then scanned 462 the first time to determine the total memory requirements for the application. If the amount required exceeds the amount available 464, an error message is displayed 466 to the user").

Therefore, it would have been obvious to a person of ordinary skill in the art, at the time the invention was made, to incorporate the teachings of Moore into the Hartel/Shear system in order to have the resources designated, comprise at least one of : **a biometric sensor; a secure output; a keyboard; a personal identification number entry device; a global positioning system input; a magnetic stripe card reader; a secure storage area; a performance metrics, an algorithm implementing specific cryptographic algorithms; and at least one smart card slot.** The

modification would have been obvious because one of ordinary skill in the art would have wanted verify that the appropriate requirements are available on the computer system in order to load the appropriate applet for the computer system, so that the applet/system combination will execute properly.

As per claim 12, the rejection of claim 7 is incorporated and further, the Hartel/Shear system doesn't explicitly disclose that **the step of determining whether the applet is capable of being executed by the secure processor further comprises verifying that the secure processor is capable of supplying resources designated in the resource meta-data portion of the meta-data portion of the applet.**

However, Moore, in an analogous environment, discloses that **the step of determining whether the applet is capable of being executed by the secure processor further comprises verifying that the secure processor is capable of supplying resources designated in the resource meta-data portion of the meta-data portion of the applet** (col. 1:29-45, "The steps in launching an application, i.e., installation, configuration, and execution ... requiring the computer system to be configured or reconfigured with the specific requirements of the application in mind. For example, some applications require the use of an expanded memory manager while others will operate only if no expanded memory is allocated (i.e. resources)", and col. 8:5-20, "The initialization file is then scanned 462 the first time to determine the total

memory requirements for the application. If the amount required exceeds the amount available 464, an error message is displayed 466 to the user").

Therefore, it would have been obvious to a person of ordinary skill in the art, at the time the invention was made, to incorporate the teachings of Moore into the Hartel/Shear system to have **the step of determining whether the applet is capable of being executed by the secure processor further comprises verifying that the secure processor is capable of supplying resources designated in the resource meta-data portion of the meta-data portion of the applet.** The modification would have been obvious because one of ordinary skill in the art would have wanted to load the appropriate applet for the specified computer system, based on all of the requirements of the applet program, so that the applet/system combination will execute properly.

As per claims 22-29, this is another method version of the claimed method discussed above, in claims 1, 2, 8-16, 20 and 24, wherein all claimed limitations have also been addressed and/or cited as set forth above. For example, see the Hartel/Shear/Moore system, (Hartel p. 1:20-6:40, Shear col. 5:1-5 and 22:27-40 and Moore col. 1:29-8:20).

As per claims 30-32, this is another method version of the claimed method discussed above, in claims 1, 8, 10-16, 20 and 24, wherein all claimed limitations have also been addressed and/or cited as set forth above. For example, see the

Hartel/Shear/Moore system, (Hartel p. 1:20-6:40, Shear col. 5:1-5 and 22:27-40 and Moore col. 1:29-8:20).

As per claims 37-40, this is a system version of the claimed method discussed above, in claims 1, 2, 8-16, 20, 22 and 24, wherein all claimed limitations have also been addressed and/or cited as set forth above. For example, see the Hartel/Shear/Moore system, (Hartel p. 1:20-6:40, Shear col. 5:1-5 and 22:27-40 and Moore col. 1:29-8:20).

As per claim 41, the rejection of claim 38 is incorporated and further, Hartel discloses that **the resource meta-data portion comprises an applet serial number** (p. 5:17-18, “gathers the bytecode and the method headers (containing the applet serial number) for the methods of all application programs (i.e. applets) in the system”).

As per claims 42 and 43, this is a product version of the claimed method discussed above, in claim 8, wherein all claimed limitations have also been addressed and/or cited as set forth above. For example, see the Hartel/Shear/Moore system (Hartel p. 1:20-6:40, Shear col. 5:1-5 and 22:27-40 and Moore col. 1:29-8:20).

### ***Response to Arguments***

8. Applicant's arguments with respect to claims 1-43 have been considered but are moot in view of the new ground(s) of rejection.

***Conclusion***

9. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Andre R. Fowlkes whose telephone number is (571) 272-3697. The examiner can normally be reached on Monday - Friday, 8:00am-4:30pm.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Tuan Q. Dam can be reached on (571)272-3695. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see <http://pair-direct.uspto.gov>. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

ARF



TUAN DAM  
SUPERVISORY PATENT EXAMINER